(54) Method for transmitting an encryption number in a communication system and a communication system



(57) The invention relates to a method for transmitting an encryption number in a communication system (1) comprising mobile terminals (MT1 — MT4) and at least a first access point (AP1) and a second access point (AP2). The method comprises the steps of defining a set of encryption keys, selecting at each said access point (AP1, AP2) from said set of encryption keys one to be used at a time for encrypting information to be transmitted between said access point (AP1, AP2) and mobile terminal (MT1 — MT4), transmitting from the access point (AP1, AP2), at intervals, data about the encryption key selected at the time, setting up a data transmission connection between a mobile terminal (MT1 — MT4) and the first access point (AP1) for the transmission of information, and performing a handover, whereby a data transmission connection is set up between the second access point (AP2) and the mobile terminal (MT1 — MT4). In the method, a handover is performed, wherein a data transmission connection is set up between the second access point (AP2) and the mobile terminal (MT1 — MT4). In the method, in connection with the handover, information is also transmitted to the mobile terminal (MT1 — MT4) about the encryption key selected at the second access point (AP2).
Description

[0001] The present invention relates to a method for transmitting an encryption number in a communication system as set forth in the preamble of the appended claim 1. The invention also relates to a communication system as set forth in the preamble of the appended claim 9.

[0002] There are various wireless communication systems under development for implementing wireless communication systems for an office environment, so-called local area networks (LAN). Several wireless communication systems are based on the use of radio signals in communication. One such communication system based on radio communication is the so-called HIPERLAN (High PErformance Radio Local Area Network). Such a radio network is also called a broadband radio access network (BRAN).

[0003] In version 2 of the HIPERLAN communication system under development, the aim is to achieve a data transmission rate of even more than 30 Mbit/s, the maximum connection distance being some tens of metres. Such a system is suitable for use in the same building, e.g. as an internal local area network for one office. There is also a so-called HIPERACCESS communication system under development, in which the aim is to achieve the same data transmission rate as in said HIPERLAN/2 communication system, but with a connection distance of several hundreds of metres, wherein the HIPERACCESS system is suitable for use as a regional local area network, for example in schools and larger building complexes.
[0004] In the HIPERLAN/2 system, which is used as an example, the MAC (Medium Access Control) frame structure used in the data link layer DLC is shown in a reduced manner in the appended Fig. 1b. The data frame FR consists of control fields C, such as RACH (Random Access CHannel), BCCH (Broadcast Control CHannel) and FCCH (Frame Control CHannel), as well as a data field D which comprises a given number of time slots TS1, TS2, TSn, in which it is possible to transmit actual payload information.
[0005] Each control field C as well as the packets to be transmitted in the time slots of the data field preferably comprise error checking data which has been calculated by an access point AP1 transmitting the data frame and added into the control fields C of the data frame and to the packets to be transmitted in the time slots TS1, TS2, TSn. This checking data is preferably a checksum calculated on the basis of the information contained in said field, such as a CRC (Cyclic Redundancy Check). In the receiving mobile terminal MT1, it is possible to use the error checking data to examine whether the data transmission contained any errors. There can also be several items of such error checking data in the fields C, D, each calculated on part of the information contained in the field. For example, in the HIPERLAN/2 system the FCCH control field consists of smaller information elements, for each of which error checking data is calculated respectively. The number of these information elements may vary in each data frame. Not all data frames necessarily have an FCCH control field, in which case the number of information elements is zero.

[0006] Communication in the HIPERLAN/2 system is based on time division multiple access (TDMA), wherein there can be several connections simultaneously on the same channel, but in said frame each connection is allotted a time slot of its own, in which data is transmitted. Because the quantity of data to be transmitted is usually not constant in all the simultaneous connections but varies in time, a so-called adapted TDMA method is used, in which the number of time slots to be allocated for each data transmission connection may vary from zero to a maximum, depending on the loading situation at each time as well as on the data transmission capacity allocated for the connection.

[0007] For the time division multiple access to work, the terminals coupled to the same node must be synchronized with each other and with the transmission of the node. This can be achieved for example in such a way that the receiver of the mobile terminal receives signals on a channel. If no signal is detected on the channel, the receiver shifts to receive on another channel, until all the channels are examined or a channel is found on which a signal is detected that is transmitted from an access point. By receiving and demodulating this signal, it is possible to find out the time of transmission of the control channel BCCH of the access point in question and to use this to synchronize the terminal. In some cases, the terminal may detect a signal from more than one access point, wherein the terminal preferably selects the access point with the greatest signal strength in the receiver and performs synchronization with this access point.

[0008] After the terminal has been synchronized with the access point, the terminal can start a connection set-up to couple to this access point. This can be performed preferably so that the terminal transmits a connection set-up request to the access point on the RACH control channel. In practice, this means that the terminal transmits in a time slot allocated for the RACH control channel and the access point simultaneously listens to communication on the channel, i.e. receives signals on the channel frequency used by the same. After detecting that a terminal is transmitting a connection set-up request message, the access point takes the measures required for setting up the connection, such as resource allocation for the connection, if possible. In the resource allocation, the quality of service requested for the connection is taken into account, affecting e.g. the number of time slots to be allocated for the connection. The access point informs the terminal whether the connection set-up is possible or not. If it has been possible to set up a connection, the access point transmits in the BCCH control field information e.g. on the transmission time slots, receiving time slots, connection identifier, etc. allocated for the connection. The number of transmission and receiving time slots is not necessarily the same, because in many cases the quantity of information to be transmitted is not the same in both directions. For example, when an Internet browser is used, considerably less information is transmitted from the terminal than is received at the terminal. Thus, for the terminal, fewer transmission time slots are needed than receiving time slots. Furthermore, the number of time slots allocated for the connection may preferably vary in different frames according to the need to transmit information at the time. The access point controller is provided with a so-called scheduler, which serves e.g. the purpose of allocating time slots for different connections as mentioned above. The scheduler is implemented preferably in an application program in the access point controller.
[0009] Because full-duplex communication is needed in local area networks, a full-duplex data transmission connection is also needed on the radio channel. In a time division system, this can be implemented either in such a way that some of the time slots in a frame are allocated for transmission from the mobile terminal to the access point (uplink) and some are allocated for transmission from the access point to the mobile terminal (downlink), or in such a way that a separate frequency band is allocated for each communication direction. In the HIPERLAN/2 system, the introduction of the first mentioned method is proposed, wherein the access point and the terminals coupled therewith do not transmit simultaneously.

[0010] When the data transmission is being set up, the mobile terminal is listening to find out which access points have signals to be received. The mobile terminal advantageously measures the strength of the signals and selects the access point whose signal is the strongest at the moment. Thereafter the mobile terminal and the access point conduct connection set-up signalling, for instance to transmit parameters such as the required data transmission rate, connection type, data transmission channel, time slots, and connection identifier to be used in the connection.

[0011] Typically, also during the connection, the mobile terminal measures the strength of the signal of the access point used in the connection as well as the strength of the signals of the other possible access points within the coverage area. If it is detected that the signal strength of another access point is sufficiently greater than the signal strength of the access point used at that particular moment, it is possible to conduct a handover to this access point, which is known as such.
[0012] The HIPERLAN/2 communication system comprises an access point AP, an access point controller APC, and mobile terminals MT. Furthermore, the HIPERLAN/2 system can be arranged in a data transmission connection with other communication systems, such as public switched and mobile telecommunication networks, the Internet network, etc. Communication between the access point and the mobile terminal is effected in a wireless manner on the radio channel. Thus, to reduce the risk of eavesdropping, encryption can be performed, whereby information intended to be transmitted on the radio channel is first encrypted and then transmitted. For encryption, a set of encryption keys is proposed to be established in the HIPERLAN/2 communication system. The keys of this set of encryption keys are used in a predetermined order to encrypt information contained in a data frame to be transmitted each time. The length of the encryption key is e.g. 56 bits. This encryption key and a particular encryption algorithm are used to form encrypted information. The encryption algorithm and the set of encryption keys are stored at the access point as well as in the mobile terminals. Thus, the encryption algorithm and the encryption keys do not need to be transmitted over the radio channel, which reduces the risks of uncovering the encryption method and of misuse.

[0013] To make the uncovering of the encryption key and the encryption algorithm more difficult, the same encryption key is not used continuously, but the encryption key is changed at certain intervals. For this reason, such a solution has been proposed for the HIPERLAN/2 system that a so-called encryption number (synchronization seed for the encryption key) is transmitted from the access point to the mobile terminal, on the basis of which the mobile terminal can form the encryption key used in the decryption. The encryption number (and the encryption key) is always frame-specific; that is, it is changed at intervals of two milliseconds in the HIPERLAN/2 system. However, this encryption number does not need to be transmitted to the mobile terminal for each frame separately, but the arrangement is implemented in such a way that the mobile terminal knows the encryption key sequence and can, on the basis of one encryption number received, find out also the encryption key to be used in the encryption of the next frames. However, this requires that the mobile terminal remains synchronized with the transmission of the access point. If, for any reason, the mobile terminal does not detect all the frames, or the mobile terminal is, for any other reason, no longer synchronized with the transmission of the access point, the mobile terminal does not have correct information on the encryption key. Also in a situation in which the mobile terminal has performed a handover, the mobile terminal has no information about the encryption key used by this new access point at each time. For this reason, it has been proposed that the transmission of the encryption number be performed at predetermined intervals, wherein the mobile terminal will again be capable of performing encryption/decryption after the mobile terminal has received the new encryption number.

[0014] The transmission interval of encryption numbers affects e.g. how fast, for example in a handover situation, the mobile terminal is capable of transmitting encrypted information. Thus, the faster the encryption numbers are transmitted, the sooner after a handover the mobile terminal is capable of transmitting and receiving encrypted information. This short transmission interval of the encryption numbers will, however, cause the disadvantage that the communication system is loaded to a relatively great extent by these transmissions of encryption numbers.

[0015] It is an aim of the present invention to provide a method and a communication system, whereby the interval of transmitting encryption numbers can be extended and a fast recovery can still be achieved, for example in a handover situation and upon failure of synchronization. The invention is based on the idea that the access point transmits the encryption number to the mobile station in connection with the handover. The method according to the present invention is characterized in what will be presented in the characterizing part of the appended claim 1. The communication system according to the present invention is characterized in what will be presented in the characterizing part of the appended claim 9.

[0016] With the present invention, significant advantages are achieved when compared with solutions of prior art. Using the method of the invention, it is possible to spread the interval of transmitting encryption numbers and still to perform synchronization with the encryption in a mobile terminal quickly in a handover situation. Because the interval of transmitting the encryption numbers can be spread, the loading of the communication system is also reduced correspondingly, as is the processing required at the access point and in the mobile terminal. Furthermore, the total power consumption of mobile terminals can be reduced, because the mobile terminal is not unnecessarily shifted from a sleep mode to a normal operation mode to receive data frames in which an encryption number is transmitted to another mobile terminal. Fast synchronization with the encryption also means that in handover situations, disconnections can be avoided better than in communication systems of prior art.

[0017] In the following, the present invention will be described in more detail with reference to the appended drawings, in which

Fig. 1a shows a communication system according to a preferred embodiment of the invention in a reduced block chart,

Fig. 1b shows a data frame in the HIPERLAN/2 system,

Fig. 2 shows a mobile terminal according to a preferred embodiment of the invention in a reduced block chart,

Fig. 3 shows an access point and an access point controller according to a preferred embodiment of the invention in a reduced block chart,

Fig. 4 shows, in a reduced manner, the implementation of the method according to a preferred embodiment of the invention in a data frame format,

Fig. 5 shows, in a reduced manner, encryption implemented in connection with the method according to a preferred embodiment of the invention in a reduced chart, and

Fig. 6 shows protocol stacks to be applied in a communication system according to a preferred embodiment of the invention in a reduced manner.

[0018] In the following description of a communication system 1 according to a preferred embodiment of the invention, the HIPERLAN/2 system of Fig. 1a will be used as an example, but it is obvious that the invention is not limited solely to this system. The communication system 1 consists of mobile terminals MT1 — MT4, one or several access points AP1, AP2, as well as access point controllers APC1, APC2. A radio connection is set up between the access point AP1, AP2 and the mobile station MT1 — MT4, for transmitting e.g. signals required for setting up a connection and information during the connection, such as data packets of an Internet application. The access point controller APC1, APC2 controls the operation of the access point AP1, AP2 and the connections set up via them to mobile terminals MT1 — MT4. The access point controller APC1, APC2 has a controller 19 (Fig. 3), functions of the access point being implemented in its application software, including an access point scheduler for performing various scheduling operations in a way known per se. In such a radio network, several access point controllers APC1, APC2 can communicate with each other as well as with other data networks, such as the Internet network, a UMTS mobile communication network (Universal Mobile Terminal System), etc., wherein the mobile terminal MT1 — MT4 can communicate e.g. with a terminal TE1 coupled to the Internet network. It is obvious that the invention can also be applied in such communication systems which have no access point controller APC1, APC2 but where the corresponding functions are implemented at the access point AP1, AP2.
[0019] Figure 2 shows, in a reduced block chart, a mobile terminal MT1 complying with a preferred embodiment of the invention. The mobile terminal MT1 preferably comprises data processing functions PC and communication means COM to set up a data transmission connection to a mobile local area network. The mobile terminal can also be formed in such a way that a data processor, such as a portable computer, is connected e.g. with an expansion card comprising said communication means COM. The data processing functions PC preferably comprise a processor 2, such as a microprocessor, a microcontroller or the like, a keypad 3, a display means 4, memory means 5, and connection means 6. In addition, the data processing functions PC can comprise audio means 7, such as a speaker 7a, a microphone 7b, and a codec 7c, wherein the user can use the mobile terminal MT1 also e.g. for the transmission of speech. Information intended to be transmitted from the mobile terminal MT1 to the local area network is preferably transmitted by the connection means 6 to the communication means COM. In a corresponding manner, information received from the local area network 1 into the mobile terminal MT1 is transmitted to the data processing functions PC via said connection means 6.
[0020] The communication means COM comprise e.g. an antenna 30, a high-frequency part 8, an encoder 20, a decoder 21, an encryption block 9, a decryption block 10, a control means 11, as well as a reference oscillator 12. The high-frequency part 8 preferably comprises e.g. filters, a modulator and a demodulator (not shown). Furthermore, the communication means COM have a memory 13, for example for forming the transmission and receiving buffers required in the data transmission as well as for storing the encryption key table and the encryption sequence. The encoder 20 is used for encoding information contained in data frames. The encoded information is transmitted to the high-frequency part 8 to be modulated and to be transmitted as a radio frequency signal in the communication channel CH (Fig. 1a). In a corresponding manner, in the decoder, the encoded information received from the communication channel and demodulated in the demodulator is restored preferably into data frame format. The reference oscillator 12 is used to perform the necessary scheduling to synchronize the transmission and reception with the transmission and reception of the access point. The reference oscillator 12 can also be used for generating timing signals for the control means 11, wherein in practical applications, frequency conversion means (not shown) are used to convert the frequency of the reference oscillator 12 into frequencies needed in the radio part and a frequency suitable for controlling the operation of the control means 11.

[0021] The access point AP1 (Fig. 3) comprises, in a corresponding manner, first communication means 15, 23 — 26 for setting up a data transmission connection to mobile terminals MT1 — MT4. The local area network according to the invention can also be implemented as a local area network with no connection to external data networks. Thus, one access point AP1 may be sufficient with which the mobile terminals MT1 — MT4 of the local area network communicate. In the mobile local area network, a data transmission connection 16 is preferably arranged from one or several access points AP1, AP2 to a data processor S which is generally called a server computer or, shorter, a server. Such a server comprises, in a way known per se, company data files, application software, etc. in a centralized manner. The users can thus start up applications installed on the server S via the mobile terminal MT1. The server S or the access point AP1 may also comprise second communication means 17 to set up a data transmission connection to another data network, such as the Internet network or a UMTS mobile communication network.

[0022] The communication means of the access point AP1, AP2 comprise one or several oscillators 22 to generate the frequencies needed in the operation, an encryption block 23, a decryption block 25, an encoder 24, a decoder 26, as well as a high-frequency part 15, which are known per se.

[0023] Each access point AP1, AP2 and mobile terminal MT1 — MT4 is allocated an identification, wherein the access point AP1, AP2 is aware of the mobile stations MT1 — MT2 coupled to the access point AP1, AP2. In a corresponding manner, on the basis of the identifications, the mobile terminals MT1 — MT4 separate the frames transmitted by different access points AP1, AP2 from each other. These identifications can also be used in a situation in which the connection of the mobile terminal MT1 — MT4 is handed over from one access point AP1 to another access point AP2, e.g. as a result of impaired quality of the connection.

[0024] For communication, the mobile terminal MT1 must be coupled in a data transmission connection with the local area network 1. This can be performed preferably in such a way that a network controller, or a corresponding application program, is started up in the mobile terminal MT1, containing the program codes for logging in to the local area network 1 as well as for transmitting data between the mobile terminal MT1 and the local area network 1. In connection with starting up the network controller, the necessary operations are performed e.g. to set up the functional parameters of the communication means COM of the mobile terminal. Thus, the receiver of the communication means COM starts to receive signals at a channel frequency of the local area network. If no signal is detected within a certain time, the channel to be listened to is changed. At the stage when a signal is detected on any channel frequency, the signal received by the receiver of the communication means COM is demodulated and transmitted to be decoded, wherein it is possible to determine the information transmitted in the radio signal, which is known as such. This decoded signal, which is preferably stored in the receiving buffer in the memory 13 of the communication means, is searched for the identifier of the BCCH control field of the data frame. The identifier of this BCCH control field is located at a particular point in the data frame, and therefore, after the identifier is found, the location of the BCCH control field in the receiving buffer is known. The BCCH control field contains for instance the identifier (AP ID) of the access point that has transmitted the frame FR1, the identifier of the local area network (NET ID), the data frame number, the encryption number, the initializing vector, if necessary, as well as information on the length of the FCCH control field, the way of modulation, and encoding.
[0025] The mobile terminal MT1 is synchronized with the transmission of this access point AP1. The mobile terminal MT1 requests connection set-up by transmitting an RACH message to the access point AP1 at a moment of time allocated for the same. For example, in the frame structure according to Fig. 1b, the RACH message can be transmitted after the transmission and reception time slots, before the next BCCH control field. In the message, the mobile terminal MT1 transmits information e.g. on the quality of service requested for the connection and on the connection type, such as a multimedia connection, data connection, or speech connection. The connection type and the quality of service influence e.g. the number of time slots TS1 — TSn to be allocated for the connection.

[0026] The access point controller APC1 examines the message and finds out, e.g. from a resource allocation table or the like, how many resources are available at the time for the access point AP1. If there are sufficient resources to set up a connection corresponding to the requested quality of service, the access point controller APC1 allocates the required resources for the connection. In the memory means 14 of the access point controller APC1, transmission and receiving strings (buffers) are formed for the connection, which are used for temporary storage of received packets and for temporary storage of packets waiting to be transmitted. Furthermore, each connection is allocated a connection identifier, wherein the transmission of data to the correct destination is secured. Also, a priority can be selected for the connection, wherein resources available at the time, such as transmission and receiving time slots, are allocated in the order of priority. Depending on e.g. the need for resources, it is possible to allocate a different number of time slots TS1 — TSn from the data field of the data frame FR for different connections. Also, the number of time slots allocated for transmission and for reception can be different even in the same connection, as already mentioned above in this description. The number of time slots TS1 — TSn allocated for connections may also vary according to the frame, wherein in each frame FR, the number of time slots TS1 — TSn allocated for the connection may vary from zero to a maximum. The location of the transmission and receiving time slots contained in the data frame is preferably transmitted in the FCCH control field.

[0027] After a connection to the local area network 1 has been set up, it is possible to start data transmission between a server S and a mobile terminal MT1, preferably with a protocol such as the IP (Internet Protocol). Figure 6 shows this data transmission by means of protocol stacks. Of the protocol stacks, the application layer AL, the convergence layer + network layer CU*-NL, the data link layer DL, and the physical layer PHY are presented. On the radio channel, i.e. between the access point AP1 and the mobile terminal MT1, the data link layer of the protocol stack comprises, in this preferred embodiment, the MAC layer (Media Access Control) as the lowermost layer, which takes care of using the radio channel in communication between the mobile terminal MT1 and the access point AP1, such as encryption and channel allocation in the transmission and reception of packets. This description deals primarily with data frames FR of the MAC layer. It is obvious that encryption operations can also be performed in connection with the other protocol layers, but this is not significant per se in view of this invention, wherein they are not discussed in more detail in this context.
[0028] A scheduler 18 formed in the access point controller APC1, APC2 performs e.g. scheduling of data frames FR of the access point AP1, AP2 and allocation of transmission and receiving time slots for packets of active connections waiting to be transmitted. The scheduler switches the receiver of the access point to receive a radio signal for the time allocated for the RACH field of the frame. Thus, mobile terminals MT1 — MT4 can transmit, in addition to the above-presented connection set-up request, various measurement data to the access point.

[0029] In the following, the operation of the method according to a preferred embodiment of the invention will be described. At the stage when the mobile terminal MT1 has been connected to the first access point AP1 and has received an encryption number Kl, the mobile terminal MT1 has set an encryption sequence counter SC (Fig. 2) to a value corresponding to the encryption number. If the encryption number is an index referring to an encryption key table ST, one advantageous example being shown in Fig. 5, the value of the encryption key table ST can be set directly to this encryption number. After this, the mobile terminal MT1 monitors the transmission of the access point AP1 and, always in connection with a frame change, changes the value of the encryption sequence counter in such a way that it preferably indicates the next encryption key in the encryption key table ST. The frame change can be detected in that the access point AP1 transmits the (next) BCCH control field. In connection with receiving this BCCH control field, the mobile terminal MT1 can, if necessary, also perform synchronization of the local clock to keep it synchronized with the access point AP1. After the last encryption key in the encryption table ST, the encryption sequence counter SC is preferably set to indicate the start of the encryption table ST.

[0030] In the BCCH field of certain MAC frames, the access point AP1 
transmits information to all mobile terminals connected with the access 
point AP1 in question (broadcast frame) or to some of them (subbroadcast 
frame). Thus, each of these mobile terminals receives at least the 
information transmitted in the BCCH field and uses it to find out when 
information is transmitted to the mobile terminal in question and when it 
can transmit information. After this, the mobile terminal can possibly 
shift to a sleep mode to save power, wherein the sleep mode is set to 
terminate either before the transmission of the next general BCCH control 
field intended for several mobile terminals, or before the transmission 
or receiving time slot allocated for the mobile terminal MT1 in question. 
In the sleep mode, the radio part of the mobile terminal MT1 is set in a 
power saving mode or turned off. The encryption sequence counter SC can, 
however, be updated, because the mobile terminal MT1 is aware of the 
number of MAC frames during which it is in the sleep mode. 

[0031] Encryption in a communication system according to a preferred 
embodiment of the invention is presented in the appended Fig. 5 in a 
reduced chart. An encryption number KI and, if necessary, also an 
initialization vector IV are transmitted at least once to the mobile 
terminal MT1. The initialization vector has a certain initial value set 
for a random sequence generator RS. The initial value for the random 
sequence generator of the mobile terminal is set in a corresponding 
manner in the mobile terminal MT1. At the stage when the access point AP1 
has information to be transmitted to the mobile terminal, an encryption 
sequence is formed in the random sequence generator RS on the basis of 
the encryption key in use at the moment. This encryption sequence is 
transferred to a combination block XOR in which an Exclusive Or (XOR) 
operation is preferably performed between the encryption sequence and the 
information to be transmitted, to produce information encrypted bit by 
bit. From the combination block XOR, the encrypted information is 
transferred further to be transmitted in preferably one or several data 
fields D. 

[0032] The communication means COM of the mobile terminal MT1 are used to 
decrypt information received from the communication channel and 
demodulated in the demodulator, preferably in the following way. In the 
mobile terminal MT1, the encryption sequence is calculated on the basis 
of the encryption key, the random sequence generator and the 
initialization vector in the same way as in the access point AP1. The 
encrypted information and the encryption sequence are transferred to a 
separation block XOR', whose output comprises the transmitted information 
in unencrypted form. 

[0033] It is obvious that in connection with the present invention, also 
other methods for encrypting information with an encryption key can be 
used than the one presented above. 
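The following Python model is an added example and is not code from the patent or from any HIPERLAN/2 implementation. It puts the arrangement of paragraphs [0029] to [0032] into running code: a key table ST indexed by the encryption number KI, an encryption sequence counter SC on each side that steps to the next key at every frame change and wraps after the last key, the catch-up of a terminal that slept through a known number of MAC frames, and the XOR combination and separation blocks. The key bytes, the frame contents, the HMAC-SHA256 generator standing in for the random sequence generator RS, and the mixing of the frame number into that generator are all assumptions of the example; the patent names no particular generator.

```python
import hashlib
import hmac

# Constructed key table ST: the patent indexes a shared set of keys by an
# encryption number KI. These key bytes are made up for this example.
KEY_TABLE = [hashlib.sha256(b"example-key-%d" % i).digest() for i in range(4)]


class SequenceCounter:
    """Encryption sequence counter SC kept by one party (access point or
    mobile terminal). It holds the index of the KEY_TABLE entry used in the
    current MAC frame, steps to the next entry at every frame change and
    wraps to the start of the table after the last key ([0029])."""

    def __init__(self, table, encryption_number):
        if not 0 <= encryption_number < len(table):
            raise ValueError("encryption number outside the key table")
        self.table = table
        self.index = encryption_number

    def frame_change(self, frames=1):
        # A terminal waking from sleep mode knows how many MAC frames it
        # slept through and catches up in one step ([0030]).
        self.index = (self.index + frames) % len(self.table)

    def current_key(self):
        return self.table[self.index]


def keystream(key, iv, frame_no, length):
    """Stand-in for the random sequence generator RS (assumption: the patent
    names no generator). HMAC-SHA256 in counter mode over the key in use,
    the initialization vector IV and the frame number; the frame number is
    included so that the same key, reached again after the table wraps,
    never produces the same encryption sequence twice."""
    out = bytearray()
    block = 0
    while len(out) < length:
        msg = iv + frame_no.to_bytes(4, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def xor_combine(data, stream):
    """Combination block XOR; the separation block XOR' at the receiver is
    the same operation, since XOR is its own inverse ([0031], [0032])."""
    return bytes(a ^ b for a, b in zip(data, stream))


def run_session(encryption_number, iv, frames, sleep_frames=frozenset()):
    """Simulate AP1 sending one data field D per MAC frame to MT1.

    Both sides start from the same encryption number KI and IV. Frames in
    `sleep_frames` are not received because the terminal's radio part is
    off; on waking, the terminal advances its counter by the number of
    frames it missed. Returns [(frame_no, decrypted)] for received frames."""
    ap = SequenceCounter(KEY_TABLE, encryption_number)
    mt = SequenceCounter(KEY_TABLE, encryption_number)
    missed = 0
    received = []
    for frame_no, plaintext in enumerate(frames):
        stream = keystream(ap.current_key(), iv, frame_no, len(plaintext))
        ciphertext = xor_combine(plaintext, stream)
        ap.frame_change()                      # next BCCH field: next key
        if frame_no in sleep_frames:
            missed += 1                        # radio part off, nothing heard
            continue
        mt.frame_change(missed)                # resynchronize after sleep
        missed = 0
        stream = keystream(mt.current_key(), iv, frame_no, len(ciphertext))
        received.append((frame_no, xor_combine(ciphertext, stream)))
        mt.frame_change()
    return received
```

Because the combination block is a plain XOR with the encryption sequence, the receiver recovers the data only while its counter points at the same key as the sender's, which is exactly the state the handover of [0034] breaks; a terminal whose counter is one key off produces garbage, not an error. The example also feeds the frame number into the generator so that a key reused after the table wraps does not reproduce an earlier sequence; that is a design choice of this example, which the patent leaves to the generator.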

[0034] In a situation in which the mobile terminal MT1 hands the 
connection over to a second access point AP2, or the first access point 
AP1 performs a forced handover, the mobile terminal MT1 performs the 
normal handover signalling with this second access point AP2. This is 
shown as a frame indicated with the reference HO in the appended Fig. 4. 
At this stage, however, the mobile terminal MT1 can no longer use the 
encryption number in its memory, because the mobile terminal MT1 does not 
know which encryption number is used at this second access point AP2 at 
the moment. The second access point AP2 transmits the encryption number 
at intervals, but in addition to that, in the method according to the 
present invention, the access point AP2 will send the encryption key 
after the handover, because the time until the next transmission of the 
encryption number can be so long that the connection could even be cut 
off. 
[0035] The transmission of the encryption key can preferably be 
implemented in the following way (Fig. 4). After receiving information 
about a need to transmit the encryption number, the second access point 
AP2 selects the next suitable moment for the transmission of the 
encryption key. The access point AP2 preferably selects such a BCCH 
control field which is not used as the general BCCH control field 
mentioned above in this description, indicated as an example with the 
reference BC in Fig. 4. By this arrangement, receiving operations are not 
caused unnecessarily and power consumption is not unnecessarily increased 
in other mobile terminals. The access point AP2 transmits the encryption 
number at least once, but to ensure that the mobile terminal MT1 receives 
the encryption number correctly, the access point can also retransmit it 
several times, for example three times in succession. This retransmission 
may be necessary e.g. in situations in which the mobile terminal MT1 is 
at the edge of a cell or in another location where the signal strength 
has decayed. Figure 4 shows, indicated with the reference YS, the 
transmission of one or more encryption numbers to be transmitted after 
the handover and, indicated with the reference NS respectively, the 
normal transmission of the encryption number to be performed at 
intervals. 

[0036] The handover can be reported to the access point AP1, AP2 in 
several different ways. For example, a mobile terminal MT1 communicating 
with one access point AP1 can transmit a handover request to another 
access point AP2. In this connection, the mobile terminal MT1 can inform 
about the handover the access point AP1 with which it communicates at the 
moment and from which the connection is handed over to the second access 
point AP2. Thus, if a data transmission connection is arranged between 
the access points AP1, AP2, this first access point AP1 can inform the 
second access point AP2 that there is a need to transmit the encryption 
numbers more often. Another alternative is that the access point AP1 with 
which the mobile terminal MT1 communicates at the moment forces the 
mobile terminal MT1 to execute the handover. Also in this situation, this 
first access point AP1 can inform the second access point AP2 that there 
is a need to transmit the encryption numbers more often. 
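The following Python model is an added example, not code from the patent, and it covers paragraphs [0034] to [0036] together with claims 6 to 8. Each access point keeps its own key index and announces it routinely in the general BCCH field (reference NS); after a handover notice, reached by any of the three reporting routes, the second access point additionally transmits the encryption number in a dedicated BC field three times in succession (reference YS), and the terminal, which has discarded the encryption number it remembered from AP1, resynchronizes from the first copy it actually receives. The four-key table, the 16-frame NS interval, the frame-loss pattern and all class and function names are assumptions of the example; the three repetitions follow the figure given in [0035].

```python
TABLE_SIZE = 4      # constructed key table ST of four keys
NS_INTERVAL = 16    # constructed: frames between routine KI transmissions (NS)
YS_REPEATS = 3      # KI retransmissions after a handover, as suggested in [0035]


class AccessPoint:
    """Access point with its own encryption sequence counter (constructed)."""

    def __init__(self, name, encryption_number):
        self.name = name
        self.index = encryption_number   # KI of the key selected for this frame
        self.frame_no = 0
        self.pending_ys = 0              # YS transmissions still owed

    def handover_notice(self):
        # Reached by any of the three routes of [0036]: schedule YS transmissions.
        self.pending_ys = YS_REPEATS

    def forward_handover(self, other):
        # AP1 tells AP2 over the inter-AP connection that KI is needed sooner.
        other.handover_notice()

    def next_frame(self):
        """Return this frame's BCCH fields as (kind, KI or None) tuples and
        then select the next key for the following frame."""
        routine = self.index if self.frame_no % NS_INTERVAL == 0 else None
        fields = [("general", routine)]             # NS: every terminal listens
        if self.pending_ys:
            fields.append(("bc", self.index))       # dedicated BC field, [0035]
            self.pending_ys -= 1
        self.frame_no += 1
        self.index = (self.index + 1) % TABLE_SIZE
        return fields


class MobileTerminal:
    """Terminal that keeps a copy of the serving access point's KI."""

    def __init__(self, encryption_number):
        self.index = encryption_number   # None while the current KI is unknown

    def start_handover(self, ap1, ap2, route):
        """Handover signalling HO. The KI remembered from AP1 says nothing
        about AP2's key ([0034]), so it is dropped, and the need for a KI
        transmission is reported along `route`."""
        self.index = None
        if route == "mt_to_ap2":                 # MT informs AP2 (claim 6)
            ap2.handover_notice()
        elif route in ("mt_to_ap1", "forced"):   # AP1 informs AP2 (claims 7, 8)
            ap1.forward_handover(ap2)
        elif route != "none":                    # "none": wait for routine NS
            raise ValueError(route)

    def receive(self, fields, lost=False):
        # lost=True models a frame missed at the cell edge (weak signal).
        if not lost:
            for _kind, ki in fields:
                if ki is not None:
                    self.index = ki
        if self.index is not None:
            self.index = (self.index + 1) % TABLE_SIZE   # frame change


def frames_until_synced(route, lost_frames=(), max_frames=64):
    """Count AP2 frames after the handover until the terminal's counter
    agrees with AP2's. Frames listed in `lost_frames` are not received.
    Returns None if the terminal never resynchronizes within max_frames."""
    ap1 = AccessPoint("AP1", 0)
    ap2 = AccessPoint("AP2", 2)
    for _ in range(5):                # AP2 has been running; it is mid-cycle
        ap2.next_frame()
    mt = MobileTerminal(ap1.index)
    mt.start_handover(ap1, ap2, route)
    for n in range(max_frames):
        mt.receive(ap2.next_frame(), lost=n in lost_frames)
        if mt.index == ap2.index:
            return n + 1
    return None
```

With the YS transmissions the terminal is back in step after the first frame it receives from AP2; relying on the routine NS transmission alone, or losing all three YS copies at the cell edge, leaves it out of step until the next NS field, which in this model is eleven frames later. The model counts frames rather than time slots; in the system described, the terminal would sleep through the frames that carry neither a BC field nor its own time slot, which is why the patent puts the YS copies in a field the other terminals do not listen to.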

[0037] At the access point AP1, AP2, the operations of the method 
according to the invention can preferably be implemented in the 
application software of the controller 19 of the access point controller. 

[0038] The invention can also be applied in other systems than the 
HIPERLAN/2 system used in this example. For example, in the mobile 
communication system according to the GSM system (not shown), a base 
transceiver station corresponds to the access point AP1, AP2, and a base 
station controller corresponds to the access point controller APC1, 
APC2, being in radio communication with the mobile terminals via the base 
stations. 

[0039] In a corresponding manner, in the WCDMA system (not shown), a 
node-B corresponds to the access point AP1, AP2 and a radio network 
controller corresponds to the access point controller APC1, APC2. 

[0040] Also other than time division multiple access (TDMA) systems are 
feasible, e.g. a code division multiple access (CDMA) system, or a 
frequency division multiple access (FDMA) system, or a combination of 
these different systems. Thus, in the code division multiple access 
system, the feature corresponding to the time slots (transmission 
sequence) is a code slot, and in the frequency division multiple access 
system it is a frequency slot. 

[0041] It is obvious that the present invention is not 
limited solely to the above-presented embodiments, but 
it can be modified within the scope of the appended 
claims. 



Claims 

1. A method for transmitting an encryption number in a communication 
system (1) comprising mobile terminals (MT1 — MT4) and at least a first 
access point (AP1) and a second access point (AP2), the method comprising 
the steps of: 

defining a set of encryption keys, 

selecting at each said access point (AP1, AP2) from said set of 
encryption keys one to be used at a time for encrypting information to 
be transmitted between said access point (AP1, AP2) and mobile terminal 
(MT1 — MT4), 

transmitting from the access point (AP1, AP2), at intervals, data about 
the encryption key selected at the time, 

setting up a data transmission connection between a mobile terminal 
(MT1 — MT4) and the first access point (AP1) for the transmission of 
information, and 

performing a handover, whereby a data transmission connection is set up 
between the second access point (AP2) and the mobile terminal 
(MT1 — MT4), 

characterized in that in the method, in connection with the handover, 
information is transmitted to the mobile terminal (MT1 — MT4) about the 
encryption key selected at the second access point (AP2). 

2. The method according to claim 1, characterized in that each encryption 
key in said set of encryption keys is allocated an encryption number 
(KI), wherein said encryption number (KI) is used as said data about the 
encryption key selected. 

3. The method according to claim 1 or 2, in which information is 
transmitted in data frames (FR), characterized in that the encryption 
key is changed in connection with each data frame (FR). 

4. The method according to claim 3, in which some of the data frames are 
used as common data frames for transmitting information from the second 
access point (AP2) to more than one mobile terminal (MT1 — MT4), 
characterized in that said data about the encryption key is transmitted 
in another data frame than said common data frame. 

5. The method according to any of the claims 1 to 4, characterized in 
that said set of encryption keys is stored in said access points (AP1, 
AP2) and in the mobile terminal (MT1 — MT4). 

6. The method according to any of the claims 1 to 5, characterized in 
that the mobile terminal (MT1 — MT4) informs said second access point 
(AP2) about a need for handover, wherein said second access point (AP2) 
transmits information about the encryption key selected at the second 
access point (AP2) at the moment to the mobile terminal (MT1 — MT4). 

7. The method according to any of the claims 1 to 5, characterized in 
that the mobile terminal (MT1 — MT4) informs said first access point 
(AP1) about a need for handover, that said first access point (AP1) 
transmits information about the handover to said second access point 
(AP2), wherein said second access point (AP2) transmits information about 
the encryption key selected at the second access point (AP2) at the time 
to the mobile terminal (MT1 — MT4). 

8. The method according to any of the claims 1 to 5, characterized in 
that the first access point (AP1) executes a forced handover, in which 
the mobile terminal (MT1 — MT4) communicating with said first access 
point is transferred to communicate with said second access point (AP2), 
that said first access point (AP1) transmits information about the 
handover to said second access point (AP2), wherein said second access 
point (AP2) transmits information about the encryption key selected at 
the second access point (AP2) at the time to the mobile terminal 
(MT1 — MT4). 


9. A mobile communication system (1) comprising mobile terminals 
(MT1 — MT4), at least a first access point (AP1) and a second access 
point (AP2); a set of encryption keys being defined in the communication 
system (1); the access point (AP1, AP2) comprising means for selecting 
from said set of encryption keys one at a time to be used for encryption 
of information to be transmitted between said access point (AP1, AP2) 
and mobile terminal (MT1 — MT4), and means for transmitting information 
about the encryption key selected at the time at intervals from the 
access point (AP1, AP2); the communication system (1) also comprising 
means for setting up a data transmission connection between the mobile 
terminal (MT1 — MT4) and the first access point (AP1) for the 
transmission of information, and means for executing a handover and 
setting up a data transmission connection between the second access 
point (AP2) and the mobile terminal (MT1 — MT4), characterized in that 
the mobile communication system (1) also comprises means for 
transmitting information about the encryption key selected at the second 
access point (AP2) to the mobile terminal (MT1 — MT4) in connection with 
the handover. 

10. The mobile communication system (1) according to claim 9, 
characterized in that it also comprises means for defining an encryption 
number for each encryption key in said set of encryption keys (ST), 
wherein said encryption number (KI) is arranged to be used as said 
information about the encryption key selected. 

11. The mobile communication system (1) according to claim 9 or 10, which 
comprises means for transmitting information in data frames (FR), 
characterized in that the encryption key is arranged to be changed in 
connection with each data frame (FR). 

12. The mobile communication system (1) according to claim 11, in which 
some of the data frames are arranged to be used as common data frames 
for transmitting information from one access point (AP2) to more than 
one mobile terminal (MT1 — MT4), characterized in that said data about 
the encryption key is arranged to be transmitted in another data frame 
than said common data frame. 

13. The mobile communication system (1) according to any of the claims 9 
to 12, characterized in that said set of encryption keys is stored at 
said access points (AP1, AP2) and mobile terminal (MT1 — MT4). 

14. The mobile communication system (1) according to any of the claims 9 
to 13, characterized in that the mobile terminal (MT1 — MT4) comprises 
means (8, 11, 30) for informing said second access point (AP2) about the 
need for a handover, wherein data is arranged to be transmitted from said 
second access point (AP2) to the mobile terminal (MT1 — MT4) about the 
encryption key selected at the second access point (AP2) at the time. 

15. The mobile communication system (1) according to any of the claims 9 
to 13, characterized in that the mobile terminal (MT1 — MT4) comprises 
means (8, 11, 30) for informing said first access point (AP1) about the 
need for handover, 

16. The mobile communication system (1) according to any of the claims 9 
to 13, characterized in that the first access point (AP1) comprises means 
for performing a forced handover, wherein the mobile terminal (MT1 — MT4) 
communicating with said first access point is arranged to be handed over 
to communicate with said second access point (AP2), and means for 
transmitting information about the handover to said second access point 
(AP2), wherein information about the encryption key selected at the 
second access point (AP2) at the time is arranged to be transmitted from 
said second access point (AP2) to the mobile terminal (MT1 — MT4). 